Security vendor RandomStorm has honed its StormAgent tool for the enterprise market. The alert management defence system has a more intuitive dashboard and a wider range after the vendor worked to make it more scalable and usable by big corporations.
Security teams have too little time and too much information, said the vendor. The Leeds-based vendor says its latest log analysis, file integrity, and host-based intrusion detection system (Hids) system will cut through the deluge of security data to instantly identify threats and react. Response times will be slashed from hours to minutes, RandomStorm claimed.
At StormAgent’s core is its Instance, Event, Alert (IEA) algorithm which identifies, classifies and stores alerts into IP and time-based events. These are then cross checked with instances of matched rules at speeds of over a million logs per hour (28 million logs per day).
The StormAgent categorises security alerts into meaningful groups and can automatically analyse long term patterns. Its graphical and menu-driven management dashboard makes the management system easy to use, so security experts can do more analysis and less training, said Andrew Mason, RandomStorm’s co-founder and technical director.
With 5,000 pre-defined rules the system is primed to spring into action in response to a massive range of security risks. StormAgent can support diverse, multi-platform networks including Linux, Apple Macintosh, Microsoft Windows and IBM iSeries (AS/400) environments.
“With billions of alerts being logged each year, important indicators can get overlooked. StormAgent filters out the most vital information and makes it understandable, so that staff can act swiftly to thwart an attack,” said Mason.
Security vendor Flashpoint debuts partner programme following $28m funding
Complex buying journeys and sprawling partner networks hampering customer experience, says Accenture
Datacentre provider Cyxtera says launch is “milestone in our go-to-market strategy”
Ensono highlights importance of mainframes still to major industries
Security vendor VASCO looks to replicate UK and German set up across EMEA
Splunk details investment in Partner+ programme at .conf2017